With the increased bandwidth provided by third-generation mobile phone technologies such as CDMA2000 and UMTS, providing secure access control in broadcast schemes for electronic devices incorporating these technologies is an active research area. Examples of broadcasting services include providing highlights of sporting fixtures and recent news, popular music audio and accompanying video tracks, weather and financial market updates, popular soap or comedy TV programs, and even movies. Whilst such content may be broadcast continuously, a subscriber will typically only want to subscribe to some of this content for a correspondingly limited duration or subscription period. The content is encrypted prior to broadcast, and a subscriber must obtain the appropriate decryption key by subscribing using some form of payment in order to access the desired content. Various encryption schemes are known which address how to allow different subscribers access to the encrypted content over different periods.
The conventional group key scheme provides a common decryption key to all members of a subscription group who each want to access the same content, for example a music video. However, this scheme has a high key management and transmission overhead because the group of subscribers is often changing, so the keys of the group must be changed and retransmitted to all members of the group whenever a user joins or leaves. This is very costly and impractical in a highly dynamic broadcast subscription environment, such as in a wireless network where subscribers will typically only want content of short duration.
Another approach is the Point-to-Point (PTP) protocol, in which a server sends an individual copy of the data item for each subscriber. However, this requires a separate key for each subscriber and therefore increases the key management and transmission/bandwidth requirements, as well as the broadcast bandwidth requirements.
An intermediate approach is the Group Key (GK) method, which forms groups of clients for each data item and assigns a key for the group that remains valid until the group changes. In such a system it is necessary to change the group key every time a user joins or leaves the subscription. For a user leaving the subscription it is necessary to change the GK to prevent the user from accessing the future broadcast content. For a user joining the subscription it is necessary to change the GK to prevent the user from accessing the previous broadcast content. The GK approach performs well when the groups do not change very often; however, in applications where there are a large number of users and frequent additions or deletions to the group membership, this key management scheme can introduce a significant management and communication burden. Broadcasting in a wireless network environment is highly dynamic in terms of subscribers joining and dropping from broadcasts. Furthermore, the bandwidth for transmitting keys to subscribers is limited.
The Drop Groups (DG) protocol attempts to address this scalability problem by a grouping criterion which assigns each subscriber to predetermined groups, and assigns each group a group key valid until the group changes. In DG a group of data items is further divided into subgroups using an additional criterion, the time to drop, which is simply the amount of time until a subscriber's subscription for a data item expires. Subscription expirations are bunched together at discrete epochs; however, if the minimum epoch length is 1 hour and a subscriber wants to subscribe to a data item for 2.5 hours, according to DG it must choose to subscribe for either two or three hours.
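The following added example (not part of the original text, and not an implementation of the GK or DG protocols) models the rekeying cost discussed above: a group key changed on every join and leave, compared with expirations bunched at epoch boundaries. The subscriber list, function names, the rounding of expiry times up to the next boundary, and the cost model of one key delivery per remaining member per rekey are all assumptions made for illustration.

```python
from itertools import groupby

# Constructed sample: (subscriber, start_min, requested_duration_min)
SUBS = [("a", 0, 150), ("f", 5, 355), ("b", 10, 160),
        ("c", 30, 115), ("d", 60, 70), ("e", 65, 90)]

def epoch_choices(duration_min, epoch_min=60):
    """Durations a subscriber can pick when expirations fall on epoch boundaries."""
    lower = duration_min // epoch_min * epoch_min
    upper = -(-duration_min // epoch_min) * epoch_min  # integer ceiling
    return lower, upper

def membership_events(subs, epoch_min=None):
    """Join/leave events; with epoch_min, expiry is rounded up to a boundary (assumption)."""
    events = []
    for name, start, duration in subs:
        end = start + duration
        if epoch_min:
            end = -(-end // epoch_min) * epoch_min
        events += [(start, "join", name), (end, "leave", name)]
    return sorted(events)

def rekey_cost(events, batch_same_time=False):
    """Return (rekeys, key_deliveries). Assumed cost model: every rekey sends
    the new key once to each member still in the group."""
    members, rekeys, deliveries = set(), 0, 0
    # Without batching each event is its own rekey; with batching, all
    # membership changes at the same timestamp share a single rekey.
    key = (lambda e: e[0]) if batch_same_time else (lambda e: e)
    for _, batch in groupby(events, key=key):
        for _, kind, name in batch:
            if kind == "join":
                members.add(name)
            else:
                members.discard(name)
        rekeys += 1
        deliveries += len(members)
    return rekeys, deliveries

if __name__ == "__main__":
    print("2.5 h request, 1 h epoch:", epoch_choices(150))
    print("rekey on every change:", rekey_cost(membership_events(SUBS)))
    print("expirations bunched:", rekey_cost(membership_events(SUBS, 60), True))
```

In this constructed run the bunched expirations collapse five separate leave rekeys into one, at the price of every subscriber's access ending on an hour boundary rather than at the requested time.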